Cambridge, UK—November 4, 2021, Marking a key milestone in IoT security, Zaya has announced Secure Containers for RISC-V Microcontrollers.
Containers are useful tools provided by Rich Operating Systems such as Linux, and they are operating system level virtualisation for running multiple identical or different types of executions at the same time.
Containers are isolated executions, so any other execution cannot interfere or violate a Container. Therefore, they are essential elements of
Security; secrets of a container are not accessible from other malicious applications.
Safety; A malfunctioned application cannot break a container.
Containers also offer deployment friendly environments because they are independent executables; a container can be developed and upgraded individually, which also be cloneable in Run-Time.
Up to now, Containers have been widely used only in Servers and PCs. One of the reasons is technical requirements; Containers need Process/Execution Isolation provided by Operating Systems. Herein, the real limitation is that Operating Systems need some hardware modules such as Memory Management Unit (MMU) to provide Process Isolation. MMUs are standard hardware features for Application Processors.
In the Internet of Things (IoT) age, we are connecting all electronic devices around us to the internet. For each PC and Server, we are having hundred/thousands of IoT devices, and it is getting the real threat vector than PC and Server Security.
By hacking IoT devices, one could get control of the field, even the human environment and could manipulate the cloud, or could have even a massive Zombie Army to attack any other targets.
The problem with the IoT Devices is that IoT devices are small and resource constraint devices while Security needs a high amount of resources. As an example; Isolation is a critical element for Security, but small processors/microcontrollers do not have hardware modules like MMUs to have isolation so if a small IoT device is hacked by an attacker, the attacker will have full access right over the device.
At ZAYA, as we are Computer Science Intellectuals, we build secure software solutions by bringing different Computer Science disciplines together; we improve proven Computer Science approaches for a specific domain and invent new ideas.
Containers are a well-known and proven way to secure Computer Applications, and we could have this tool even in a small IoT Device to eliminate critical security leaks on IoT Edges.
Today; ZAYA proudly announces ZAYA microContainers (μContainer); ZAYA μContainers are containers for RISC-V Microcontrollers and so small IoT Edges which have similar capabilities like Linux Containers.
“micro (μ)” of microContainer comes from “Microcontroller”.
ZAYA microContainer; Containers for Microcontrollers.
ZAYA μContainers are isolated executables that protect a container from the rest of the system. ZAYA Secure Kernel terminates the violent containers if attempt to access the μContainer resources; the rest of the system is still alive, which is important for functional safety.
ZAYA μContainers provide high-level isolation; ZAYA Kernel isolation meets PSA L1 SPE/NSPE and SESIP Isolation of Platform requirements. ZAYA μContainers isolation meets SESIP Isolation of Application Parts requirement.
ZAYA μContainers are Security-Less executables, and they make use of security (crypto, secure storage) from PSA CertifiedTM L1 and PSA CertifiedTM Functional API ZAYA Secure Kernel.
ZAYA μContainers are independent executables so ZAYA μContainers can be designed, developed, built individually using different tools and toolchains. A ZAYA μContainers can be upgraded individually too which means size-effective (small OTA) upgrade packages; IoT devices are resource constraint systems and ZAYA needs dramatically less memory to save upgrade packages. Also, if we consider thousands/millions of devices in the field, it dramatically reduces the network traffic.
ZAYA μContainers provides a platform-agnostic environment for even other platforms, and the developer can run even a guest RTOS or guest programming language in a ZAYA μContainers.
ZAYA μContainers are an excellent way to build secure, user-friendly, deployment-friendly and certification-friendly products and ZAYA μContainers are available for RISC-V microcontrollers now.
Please see the following links for more details;
ZAYA μContainers changes the mindset in IoT and IoT Security. If you would like to hear more about ZAYA μContainers please contact info@za-ya.co